SICK MSC800 (ICSA-19-178-04)

The NCCIC has published an advisory on a use of hard-coded credentials vulnerability in SICK MSC800. All versions prior to 4.0 are affected. Successful exploitation of this vulnerability could allow a low-skilled remote attacker to reconfigure settings and/or disrupt the functionality of the device. SICK recommends affected users upgrade to the latest firmware version (v4.0). The NCCIC also advises of a series of measures for mitigating the vulnerabilities. Read the advisory at CISA.